by sneed-oil 1288 days ago
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.

Their software is not open source. Before this announcement you had to trust Apple not to look into the files you store in the cloud, now you have to trust that they're actually going to encrypt your files and not save the decryption key. Ultimately you still have to trust Apple. A combination of any open source OS, any cloud provider and Cryptomator or Veracrypt wouldn't require as much trust in one company.

6 comments

You're trusting somebody no matter how you do it unless you own all the hardware that supports your ecosystem.

The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

I've watched the whole FOSS world happen in my career, and there are places where I cannot IMAGINE choosing a closed source solution, given my druthers. But it's also become super clear to me that the FOSS world isn't interested in producing polished user experiences. Sure, you or I could cobble together a FOSS-only phone-and-syncing stack, I guess, but I don't care to. Most people aren't us; doing so is beyond them.

Suggesting a normal person use something OTHER than iOS at this point is questionable at best.

A bazaar cannot produce things that are coherent and smooth: it takes a vision of a single person to control a large amount of aspects, implemented by other people the way the leader prescribed. That requires the cathedral approach.

Sometimes it works with a right BDFL, for some time (like Python). It also works with solo projects, and with projects with large commercial support (like Blender), especially those which don't normally accept your pull requests, except as a proof of concept (SQLite).

But the normal open-source model produces things like Linux, git, ffmpeg, VLC, etc, which are wonderful and have immense power, but are hardly sleek or excessively coherent. And each of them is much, much smaller than macOS or iOS.

Something I've come to understand is that just as we have "time vs. space" tradeoffs in, well, primarily computing (but can be applied to virtually everything), we can also reduce essentially all preferential decisions down to "freedom vs. convenience".

The kind of person that uses Apple products/services cares about convenience. The person that uses the third party Android ROMs, in particular, cares more about the freedom.

FOSS people who see themselves as digital freedom fighters LOVE to trot this out, but I don't think it's true in any meaningful sense.

It's more accurate to frame it as preferring low hassle to high hassle. Or to preferring well-designed tools to haphazard efforts. Or, from the other side, preferring some degree of DIY to turnkey products. (In particular, I think this is a HUGE piece of it; lots of hackers want to build their own toolchain, and then they get to feel noble because they're doing it for "freedom.")

I'm pretty "all in" on the Apple ecosystem. Each step of the way, I thought pretty deeply about my choices, and still ended up with an Apple option. But to characterize this as me caring more about convenience than "freedom" implies that I have somehow given up or endangered MY freedom, which isn't the case.

I'm able to do anything I want to do in this ecosystem. Macs are general purpose machines; I can build from source, and I can run code from any repository I want.

iOS is closed by design, and the result has been a very stable and predictable platform that I do not believe is possible WITHOUT that closed nature. I can't hack code on my phone, but I also don't WANT to. There are lots of appliance devices in my life I don't want to hack, and that I just want to USE.

You're right, you have the freedom to choose a device with less freedom. And that's fine. I'm not trying to be condescending to people who prefer convenience. It's a reasonable preference to have. I don't see how this disproves my point though.

I will admit, Macs are much better in the software realm, but the hardware has almost no internal upgradeability. There's some, but it's less. That's my point. And yes, many non-Apple computers also have that same problem. My gripe isn't with Apple. It's with companies who don't give maximal freedom with their devices, as I prefer more open systems, personally.

"but the hardware has almost no internal upgrade-ability"

Sure. But this is also true of most modern, lightweight, thin laptops. And I'm pretty sure it's true of any phone worth using.

My experience is that a certain sort of FOSS person prefers theoretical freedom to actual usability.

> Linux

Well, that one's not so bad, but is also mostly a commercially-supported endeavor and has been for a long time.

Now, the Linux desktop is a shitshow, sure. It'll remain that way until they can settle on One Windowing & UI Toolkit to Rule Them All, which looks to be happening never and is definitely in part a consequence of so many very basic parts of the GUI being swappable and having tons of competing options. Though the kernel's attitude toward providing stable driver ABIs (or rather, not doing so) isn't helping.

Is it a shit show, though? Things were more rocky two decades ago, but my computing experience with Linux today is unmatched by any other kernel or operating system. Comparatively it feels like the UX of OS X and Windows are the total shitshows.

> as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

Some of us prefer Android to iOS :) Having used iOS as well, the one thing I miss in Android is Continuity. Other than that, I find Android gives me a better experience. I'm certainly an outlier in many ways though compared to the average user.

My favorite part of Android is how security patches go through a multi-tiered trickle-down system of testing to make sure they work with the dozens of custom flavors each manufacturer has so that by the time you get patched it's been in the wild for weeks or months. Oooh, ooh, no that's not my favorite thing, my favorite thing is how each cellular company gets to put their own bloatware on top of the bloatware that each phone manufacturer gets to add to it. Oh wait, maybe it's patch support ending for new phones 3 years after they were released. There is so much to love about how Android turned out it's hard to pick just one thing.

> My favorite part of Android is how security patches go through a multi-tiered trickle-down system of testing to make sure they work with the dozens of custom flavors each manufacturer has so that by the time you get patched it's been in the wild for weeks or months.

This is not the reason for security patches taking too long to be released to certain phones; Google has a monthly cadence of releasing security patches and zero-days have rarely (I can't remember a case of that happening but maybe it has happened) missed. Do you have a source for it?

> Oooh, ooh, no that's not my favorite thing, my favorite thing is how each cellular company gets to put their own bloatware on top of the bloatware that each phone manufacturer gets to add to it.

There are unlocked phones available and honestly this problem is mostly a US problem. Rest of the world isn't in the iron fists of their carriers.

> Oh wait, maybe it's patch support ending for new phones 3 years after they were released.

You can vote with your wallet and choose vendors where this is not the case; Google, Samsung and recently OnePlus offer 5 years of security updates.

> There are unlocked phones available and honestly this problem is mostly a US problem. Rest of the world isn't in the iron fists of their carriers.

In the rest of the world phones are unlocked in terms of being able to use different SIM cards, but mostly the bloatware is still there and can only be disabled (not removed).

> This is not the reason for security patches taking too long to be released to certain phones; Google has a monthly cadence of releasing security patches and zero-days have rarely (I can't remember a case of that happening but maybe it has happened) missed. Do you have a source for it?

Yet and still Microsoft solved this problem years ago. Why can’t Google? Hell my 2006 Mac Mini got years of Windows 7 updates after installing Windows on it.

This is interesting, they’ll try to tell you it’s because the cellular modem requires extra testing by the carriers and manufacturers, but Windows can support upgrades that don’t affect an add-in card cell modem… so what gives?

I like having a back button.

Agreed, I tried using an iPhone as my primary device for 3 years and it was so bad compared to a Pixel.

> The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

You mean the same OS that allows you to build your own open mobile OS as opposed to a closed source locked down OS that permits only 1 app store and 1 payment system?

> Suggesting a normal person use something OTHER than iOS at this point is questionable at best.

It's only questionable if you prefer the prison that is iOS.

Richard? Is that you?

I lol'd at "prison that is iOS."

Acceptable security afforded today - through usability - is better than superior security, that could've theoretically been gained, but wasn't, because it was too difficult to set things up.

In particular, reviewing open source code has been repeatedly proven to be way harder of a task, than the proponents of this strategy are painting it to be. If you want an auditable codebase, you pretty much have to throw Linux, Chromium/Firefox, Gnome/KDE all out the window - there's just way too much code.

Auditable code is naturally always preferable to non-auditable, but you need to choose your trade-offs - or at least stop pretending you can read a hundred million lines in your lifetime.

On top of that - do you know a single non-tech person who knows how to set up a VPS, or knows what Veracrypt is? OTOH I can just show my wife: click here to enable backups.

Let me reframe the problem: What is your threat model? How much effort are you willing to commit to mitigate the dangers?

This is a succinct explanation of the problem. Do we give the vast majority of users extremely easy, frictionless access to very high levels of security and privacy? Or do we give the vast majority of users a fundamentally insecure solution that with lots of learning and configuring and time can have very very very high levels of security and privacy?

The crazy thing is that Apple hardware beats most other hardware, too, at a high price. Better phones, better tablets, better laptops. More secure, more private OS than the popular consumer alternatives (Windows, Android). Arguably much better OS all around, too (at least IMO -- iOS beats even stock Pixel Android at usability, MacOS v Windows is like the Harlem Globetrotters playing the Washington Generals.)

> stop pretending you can read a hundred million lines in your lifetime.

For me, and I assume most others, it's not that we expect to read all the code ourselves. It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws, and you still have the pipeline problem of ensuring the binaries you get actually come from the code you think they do. But all else being equal, I think open source provides a significant level of threat mitigation.

Even if you fully trust Apple not to intentionally back door anything, there are far fewer eyeballs on their code. Given that access to source code also has the potential to reveal security holes that may have gone unexploited, there is of course a tradeoff here too.

> It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws.

Yeah, about that, I'm as much of an Open Source buff as anyone, but:

> Analysis of the source code history of Bash shows the Shellshock bug was introduced on 5 August <<1989>>, and released in Bash version 1.03 on 1 September 1989.

[...]

> The presence of the bug was announced to the public on <<2014-09-24>>, when Bash updates with the fix were ready for distribution, though it took some time for computers to be updated to close the potential security issue.

Especially older Open Source software tends to have maintainers that haven't adopted modern software development practices so we're back to square one, since most of this older software is foundational technology, like Bash.

I'm not sure I understand the concern. I don't think it's at all unlikely that there are such long standing bugs in closed source software that's been around the same amount of time. We might just never hear about it or those bugs might never be found. Of course, I have no proof that's the case, but I'm not convinced that finding longstanding bugs in open source software is evidence of inferior quality (this is what you seem to be implying, but I may be mistaken).

> but I'm not convinced that finding longstanding bugs in open source software is evidence of inferior quality (this is what you seem to be implying, but I may be mistaken).

I'm not implying inferior quality, I'm implying no correlation.

There was a very strong assumption from back in 1999, that "lots of eyes make all bugs shallow", with a focus especially on security.

In reality, there's no correlation.

You need those eyes to actually be looking at stuff proactively, you want automated scans, you want modern software development practices and CI/CD pipelines, you want those eyes to actually be qualified to look at what they're looking correctly, etc.

Just putting stuff out there and assuming "people will look at its insides" is a bad assumption.

Open Source in my experience is not inherently superior from a security perspective to proprietary software.

I think this is less of an issue than you might think - if they're going to decrypt for law enforcement then it will become painfully obvious there's a backdoor literally the first time evidence is brought to a court that shouldn't have been available without a decryption.

But that could be a very long time if they just apply some form of parallel construction to most cases. They aren't going to burn such information on the first low level criminal/CP target they find. Instead they will wait 5 years and then sweep up a bunch of people involved in some criminal "ring".

And the problem with all these services that provide some kind of E2EE encryption and still have a way to push application updates (or run something in your browser), is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.

> is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.

Apple has very publicly refused to do this for law enforcement and there's no evidence they have or ever will.

Thing is, if law enforcement is patient they can get the data off the actual devices themselves, if they're still alive. Yes, a fully patched iPhone tends to be a fortress of might to anyone other than a nation state willing to burn a few very expensive 0 days, but with almost any phone if you wait a year or two something will inevitably come out that will allow the ol' Cellebrite crowbar a cranny to slip into.

Not to mention employee whistleblowing.

> Their software is not open source.

Notably, the only other serious competitor in the space is also not open source. Sure, you can probably carefully construct a phone from only FOSS, with some compromises of course. But this is unfeasible for regular users, who have for all practical purposes only two choices. And those same users are unlikely to go for alternative replacements for built-in functionality just to reduce their exposure. Convenience wins every time.

My comment was not against someone 100% paranoid using GrapheneOS and doing their own backups somewhere and trying to figure out how to get a good Google Maps alternative in open source.

My comment was that against mainstream companies Apple leads the way, and it's overall great for a consumer.

Do you personally expect every piece of open source software? Do you run your own email servers, music servers, photo backups, etc.? If not, you somehow trust those companies -- why?

Arguably, the chance of fckup might increase, as now you get the problem of integration which will quickly increase the surface area to n*m.